home

dokan.sys

Windows Win 7 DDK driver

Changing Information Technology Inc.

It runs as a Windows file system device driver named “Dokan”.
Publisher:
Windows (R) Win 7 DDK provider  (signed by Changing Information Technology Inc.)

Product:
Windows (R) Win 7 DDK driver

Description:
Dokan Filesystem Driver

Version:
6.1.7600.16385 built by: WinDDK

MD5:
b389a3c021daa1eee46fd3219e755896

SHA-1:
d54e9345d4c970e8b75c18a0576137f9ceba301b

SHA-256:
fa94799f2b841475cb0bce4eb9c5991135b61a219ce4fcac9d500d5ccecbe5d4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 4:03:43 PM UTC  (today)

File size:
98.5 KB (100,904 bytes)

Product version:
6.1.7600.16385

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
dokan.sys

File type:
Driver (Win32 SYS)

Common path:
C:\Windows\System32\drivers\dokan.sys

Digital Signature
Signed by:
Changing Information Technology Inc.

Authority:
VeriSign, Inc.

Valid from:
4/11/2013 8:00:00 AM

Valid to:
5/11/2015 7:59:59 AM

Subject:
CN=Changing Information Technology Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Changing Information Technology Inc., L=Hsinchu, S=Taiwan, C=TW

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
37B2E908966BBADF7233DC45C39ED1D4

File PE Metadata
Compilation timestamp:
1/10/2011 8:50:18 PM

OS version:
6.1

OS bitness:
Win32

Subsystem:
Native (none required)

Linker version:
9.0

CTPH (ssdeep):
1536:HGypFvjY1z7LZ5AAPqO5N0xLMWXpXJvyrn6zHvYsDdfdxT01:mLFLZ5AAP50jpXJQn8HQsDdfdxT6

Entry address:
0x1441C

Entry point:
8B, FF, 55, 8B, EC, E8, BD, FF, FF, FF, 5D, E9, 64, FD, FF, FF, CC, CC, CC, CC, 5B, 44, 6F, 6B, 61, 6E, 46, 53, 5D, 20, 3C, 3D, 3D, 20, 44, 72, 69, 76, 65, 72, 45, 6E, 74, 72, 79, 0A, 00, CC, CC, CC, CC, CC, 5B, 44, 6F, 6B, 61, 6E, 46, 53, 5D, 20, 20, 20, 46, 73, 52, 74, 6C, 52, 65, 67, 69, 73, 74, 65, 72, 46, 69, 6C, 65, 53, 79, 73, 74, 65, 6D, 46, 69, 6C, 74, 65, 72, 43, 61, 6C, 6C, 62, 61, 63, 6B, 73, 20, 72, 65, 74, 75, 72, 6E, 65, 64, 20, 30, 78, 25, 78, 0A, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC...
 
[+]

Entropy:
6.5627

Code size:
79.8 KB (81,664 bytes)

Driver
Display name:
Dokan

Type:
File system 'filter' driver (FileSystemDriver)


Scan dokan.sys - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.